Information Security Analyst, SOC Asia

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let’s shape the future of wealth management together.

The incumbent is responsible for supporting the Head Information Security Asia in the areas of security operations, including security alerts monitoring and handling, security controls and overall governance. This role functions in conjunction with the global Security Operation Centre (SoC) team based across Singapore and Zurich - providing shift based coverage primarily for Asia. The incumbent will also work closely with global counterparts in Switzerland as part of the team to support the rollout of global initiatives in Asia.

As part of the Risk Management function in the Bank, the incumbent will need to work closely with the IT, Corporate Services or other relevant functions together with the Head of Information Security Asia and SoC Lead to ensure that Information Security risks are highlighted, mitigated and remediated appropriately.

**YOUR CHALLENGE**:
**P **er **son **al C **on **t **r **i **b **u **t **i **o **n a **n **d **Re **sponsi **b **i **l **i **t **i **e **s**
- Key contributor for SoC related matters in Asia
- Actively collaborate in local know-how sharing groups (should there be any of relevance)
- Continuously learn about new detection techniques applicable to BJB’s security landscape
- Must be able to work across global and regional groups and communicate information risk matters effectively
- Identification of monitoring needs and use cases
- Proposal of solution(s) to cover identified needs (e.g. monitoring pattern) - at times, this is regulatory driven
- Assistance during implementation of the proposed solution
- Documentation of monitoring/response processes
- Response to security events/incidents according to team agenda and, where available, based on processes/work instructions
- Escalation of incidents where required
- Involved in regulatory engagements (questionnaires, responses to regulatory circulars and advisories, etc)
- Involved with security investigations and escalations (i.e. misconduct)
- Keep abreast of new or changing regulatory requirements and technology advances and identify trends, potential new technologies, and emerging threats which may impact the business - this also includes potentially leading regulatory requirements’ remediation projects driven by Information Security Asia (i.e. MAS, HKMA)
- Assist with periodic security audits and management reporting
- Review and coordinate changes to information security policies, procedures, standards, and audit work programs in a continuous improvement model
- From time to time, the incumbent may be asked to support the production and delivery of Information Security education and awareness to staff at various levels
- Support junior team members in gaining knowledge on SoC operations (where circumstances require)

**YOUR PROFILE**:
**Personal and Social**
- Strong inter-personal and communication skills
- A hands-on individual who can work independently to drive initiatives and tasks
- Ability to influence others and resolve conflicts constructively
- Able to work under pressure
- Able to communicate with all levels of stakeholders including top management
- Ability to prioritize and multi-task in a competitive environment

**P **r **o **f **e **ssi **o **n **al a **n **d T **e **c **hni **c **a **l**
- Bachelor’s Degree in IT Security, Computer Science or Computer Engineering
- Relevant Information Security experience in banking, preferably in Wealth Management
- Strong knowledge of Information Security, IT Risks and Controls and related security technologies with hands-on experience
- Broad working knowledge of technology risk management and industry best practices
- Knowledge of regulatory frameworks and standards in both Singapore and Hong Kong
- Professional certification in Information Security (e.g. CISSP, CISM and CISA) and knowledge of security and control frameworks e.g. ISO27001 is advantageous